antonyz89/yii2-rbac

This package is abandoned and no longer maintained. No replacement package was suggested.

RBAC for Yii2 Framework

Installs: 11

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 0

Type: yii2-extension

0.2.4 2020-09-23 04:36 UTC

This package is auto-updated.

Last update: 2023-01-14 18:09:41 UTC


README


Installation

The preferred way to install this extension is through composer.

Either run

$ composer require antonyz89/yii2-rbac dev-master

or add

"antonyz89/yii2-rbac": "dev-master"

to the require section of your composer.json file.

Usage

$ php yii migrate/up --migrationPath=@antonyz89/rbac/migrations

Add the bootstrap entry and the module to main.php

return [
    'bootstrap' => ['rbac'],
    'modules' => [
        'rbac' => ['class' => 'antonyz89\rbac\Module'],
    ],
];

Applying Rules

1 - Add AccessControl to your Controller's behaviors

use antonyz89\rbac\components\AccessControl;
use yii\filters\VerbFilter;
use yii\web\Controller;

/**
 * ExampleController implements the CRUD actions for Example model.
 */
class ExampleController extends Controller
{
    /**
     * {@inheritdoc}
     */
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::class, /* add */
                /* optional fields */
                'rules' => [
                    [
                        'actions' => [
                            'create',
                            'update',
                            'view',
                            'index',
                        ],
                        'allow' => true,
                        'roles' => ['@'],
                    ],
                ],
            ],
            'verbs' => [
                'class' => VerbFilter::class,
                'actions' => [
                    'delete' => ['POST'],
                ],
            ],
        ];
    }
}

2 - Add a rbac_profile_id column to the table of your identity class

php yii migrate/create add_rbac_profile_id_to_user_table

<?php

use yii\db\Migration;

/**
 * Class m200808_033148_add_rbac_profile_id_to_user_table
 */
class m200808_033148_add_rbac_profile_id_to_user_table extends Migration
{
    /**
     * {@inheritdoc}
     */
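    public function safeUp()
    {
        // NOT NULL with a foreign key: existing user rows need a valid rbac_profile id for this to succeed.
        $this->addColumn('{{%user}}', 'rbac_profile_id', $this->integer()->notNull()->after('id'));
        $this->createIndex('idx-user-rbac_profile_id', '{{%user}}', 'rbac_profile_id');
        // ON DELETE CASCADE: deleting a profile also deletes the user rows that reference it.
        $this->addForeignKey('fk-user-rbac_profile_id', '{{%user}}', 'rbac_profile_id', '{{%rbac_profile}}', 'id', 'CASCADE', 'CASCADE');
    }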

    /**
     * {@inheritdoc}
     */
    public function safeDown()
    {
        $this->dropForeignKey('fk-user-rbac_profile_id', '{{%user}}');
        $this->dropIndex('idx-user-rbac_profile_id', '{{%user}}');
        $this->dropColumn('{{%user}}', 'rbac_profile_id');
    }
}

3 - Run php yii migrate

3.1 - Now add rbac_profile_id to _form.php and to the class of your identity.

3.2 - Add getRbacProfile()

    /**
     * @return \yii\db\ActiveQuery|\antonyz89\rbac\models\query\RbacProfileQuery
     */
    public function getRbacProfile()
    {
        return $this->hasOne(\antonyz89\rbac\models\RbacProfile::class, ['id' => 'rbac_profile_id']);
    }

3.3 - Include it in rules()

// rbac_profile_id (requires: use antonyz89\rbac\models\RbacProfile;)
['rbac_profile_id', 'required'],
['rbac_profile_id', 'integer'],
['rbac_profile_id', 'exist', 'skipOnError' => true, 'targetClass' => RbacProfile::class, 'targetAttribute' => ['rbac_profile_id' => 'id']],

4 - Open http://localhost/rbac or http://localhost?r=rbac and create a Profile containing the Controllers and Actions that whoever has this Profile should be able to access.

5 - When your Identity accesses a Controller/Action that exists in its Profile, nothing happens; if it tries to access a Controller/Action that does not exist in its Profile, an error appears:

[Image: error at access http://localhost/category/update?id=16]

--

If you use AdminLTE, you can use my modified menu widget, which works with RBAC and hides or displays menu items according to the controllers/actions contained in the logged-in Identity's Profile. It also supports roles like "@" and "?".

<?php

use antonyz89\rbac\widgets\Menu;

?>

<?php echo Menu::widget(
    [
        'options' => ['class' => 'sidebar-menu tree', 'data-widget' => 'tree'],
        'items' => [
            [
                'label' => 'Dashboard',
                'icon' => 'dashboard',
                'url' => ['site/index'],
                'role' => ['@'],
            ],
            /* A button disappears if the Identity's Profile doesn't have this Controller and Action */
            [
                'label' => 'Administrators',
                'icon' => 'lock',
                'url' => ['admin/index'],
                'role' => ['@']
            ]
        ]
    ]
); ?>

You can generate a migration from your current RBAC data by clicking the 'Generate Migration' button.

You can find the migration in 'console/migrations' and run it using php yii migrate

Conditional Blocks

You can create blocks for each controller added to the profile. Each block can contain a specific condition that allows the user access to that controller and its actions.

[Image: Conditions]

In this case, all users with user_level = 2 or email = 'example@mail.com' can access this block.
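
A model of the decision the conditional blocks describe, as an added example in plain PHP. It is not code from the extension: the function name, the array layout of a profile and the sample users are all assumptions made for illustration.

```php
<?php
// Added illustration, not code from antonyz89/yii2-rbac. Every name is hypothetical.

/**
 * Deny-by-default check of a controller/action against a profile's blocks.
 *
 * @param array $profile blocks of ['controller', 'actions', 'conditions']
 * @param array $user    identity attributes, e.g. ['user_level' => 2]
 */
function profileAllows(array $profile, array $user, string $controller, string $action): bool
{
    foreach ($profile as $block) {
        if ($block['controller'] !== $controller
            || !in_array($action, $block['actions'], true)) {
            continue;
        }
        if ($block['conditions'] === []) {
            return true; // unconditional block: applies to every holder of the profile
        }
        foreach ($block['conditions'] as $attribute => $expected) {
            // Conditions are OR-ed. Compare as strings so that "2" from the database
            // matches 2, while PHP's loose == juggling is never involved.
            if (isset($user[$attribute]) && (string) $user[$attribute] === (string) $expected) {
                return true;
            }
        }
    }
    return false; // no block matched: deny
}

// Constructed sample data mirroring the condition in the text.
$profile = [
    ['controller' => 'site', 'actions' => ['index'], 'conditions' => []],
    ['controller' => 'category', 'actions' => ['index', 'update'],
     'conditions' => ['user_level' => 2, 'email' => 'example@mail.com']],
];
$users = [
    'level 2'       => ['user_level' => '2', 'email' => 'a@mail.com'],
    'matching mail' => ['user_level' => 1, 'email' => 'example@mail.com'],
    'neither'       => ['user_level' => 1, 'email' => 'b@mail.com'],
];
foreach ($users as $label => $user) {
    foreach ([['category', 'update'], ['site', 'index'], ['category', 'delete']] as [$c, $a]) {
        printf("%-13s %s/%s: %s\n", $label, $c, $a, profileAllows($profile, $user, $c, $a) ? 'allow' : 'deny');
    }
}
```

The category/delete rows show the default: an action that no block lists is denied for every user, whatever their attributes.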
